Backporting to stretch: OpenSSL versions mix
wferi at niif.hu
wferi at niif.hu
Mon Mar 18 13:45:53 GMT 2019
Etienne Dysli Metref <etienne.dysli-metref at switch.ch> writes:
> I've backported xmltooling 3.0.4 and opensaml 3.0.0. However, testing
> with piuparts shows that -dev packages can't be installed. The root
> cause of the conflict seems to be that a) xmltooling depends on
> libssl-dev (which is OpenSSL 1.1 in stretch) and b) xmltooling also
> depends on libcurl4-openssl-dev which in turn transitively depends on
> libssl1.0-dev | libssl-dev (<< 1.1) (i.e. OpenSSL 1.0). How can I
> untangle that and use only one version of OpenSSL?
Hi Etienne,
Just use OpenSSL 1.0 everywhere, that is, revert cb6df2ad for the
xmltooling backport. That should be enough.
> IIRC, the SPv3 is not backwards-compatible with OpenSSL 1.0, is it?
See Scott's reply: it is. We never exercised this in Debian, true, but
I don't expect problems.
--
Regards,
Feri
More information about the Pkg-shibboleth-devel
mailing list